<?php 
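session_start();
require('includes/eshop_fns.php');

// Cart page bootstrap: require a logged-in customer, read the requested
// action and id, and open the database connection used by the rest of the page.
if (!isset($_SESSION['customer_name'], $_SESSION['customer_id'])) {
	//header('Location: login.php');
	echo '<script>window.location.href=\'login.php\';</script>';
	// The redirect above is only a hint to the browser. Without exit the
	// script would go on to run the cart actions below for an anonymous
	// visitor (and for any client that ignores JavaScript).
	exit;
}

// Both parameters are optional on a plain page view, and a client may send
// them as arrays (id[]=...). Normalise to strings so later comparisons and
// parameter binding never see an undefined index or an array.
$id = (isset($_REQUEST['id']) && is_scalar($_REQUEST['id'])) ? (string) $_REQUEST['id'] : '';
$act = (isset($_REQUEST['act']) && is_scalar($_REQUEST['act'])) ? (string) $_REQUEST['act'] : '';
$customer_id = $_SESSION['customer_id'];

$conn = db_connect();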
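// Cart actions, selected by $act:
//   add - put product $id into the customer's cart (order_type 0)
//   del - remove cart row $id
//   buy - submit the cart rows ticked in the form (order_type 0 -> 1)
// Every statement is scoped to the logged-in customer's own rows.
// NOTE(review): these actions change state, are read from $_REQUEST (so GET
// works too) and carry no CSRF token. Requiring POST plus a per-session token
// needs matching changes in the form and the delete link on this page.
if ($act === 'add') {
	if (!is_numeric($id)) {
		// `history.back` without parentheses is a no-op; call it, then stop
		// so none of the queries below run with a rejected id.
		echo '<script>history.back();</script>';
		//header('Location: index.php');
		exit;
	}
	// Look up the current product price
	$sql1 = 'SELECT `product_price` FROM `product` WHERE `product_id` = :id';
	$stmt1 = $conn -> prepare($sql1);
	$stmt1 -> bindParam(':id', $id);
	$stmt1 -> execute();
	$vo1 = $stmt1 -> fetchColumn();

	// fetchColumn() returns false when no such product exists; do not create
	// a cart row with an empty price for a product id that is not in the table.
	if ($vo1 !== false) {
		// Check whether this product is already in the customer's cart.
		// COUNT(*) is used because rowCount() on a SELECT is not guaranteed by PDO.
		$sql3 = 'SELECT COUNT(*) FROM `order` WHERE `customer_id` = :customer_id AND `product_id` = :id AND `order_type` = 0';
		$stmt3 = $conn -> prepare($sql3);
		$stmt3 -> bindParam(':customer_id', $customer_id);
		$stmt3 -> bindParam(':id', $id);
		$stmt3 -> execute();

		if ((int) $stmt3 -> fetchColumn() === 0) {
			$order_number = date('U');
			$order_type = 0;
			$sql = 'INSERT INTO `order` (customer_id,product_id,order_price,order_type,order_number) VALUES (:customer_id,:product_id,:order_price,:order_type,:order_number)';
			$stmt = $conn -> prepare($sql);
			$stmt -> bindParam(':customer_id', $customer_id);
			$stmt -> bindParam(':product_id', $id);
			$stmt -> bindParam(':order_price', $vo1);
			$stmt -> bindParam(':order_type', $order_type);
			$stmt -> bindParam(':order_number', $order_number);
			$stmt -> execute();
		}
	}
} elseif ($act === 'del') {
	// Remove a cart row. The id comes from the request, so the statement is
	// limited to the logged-in customer's own rows that are still in the cart
	// (order_type 0); otherwise any order_id could be deleted by guessing it.
	$sql4 = 'DELETE FROM `order` WHERE `order_id` = :id AND `customer_id` = :customer_id AND `order_type` = 0';
	$stmt4 = $conn -> prepare($sql4);
	$stmt4 -> bindParam(':id', $id);
	$stmt4 -> bindParam(':customer_id', $customer_id);
	$stmt4 -> execute();
} elseif ($act === 'buy') {
	// order_id[] arrives as an array of checkbox values. It is client input:
	// keep only plain digit strings and bind them as parameters instead of
	// concatenating them into the IN (...) list.
	$order_id = isset($_POST['order_id']) ? $_POST['order_id'] : array();
	if (!is_array($order_id)) {
		$order_id = array($order_id);
	}
	$order_ids = array();
	foreach ($order_id as $mycheckbox) {
		if (is_string($mycheckbox) && ctype_digit($mycheckbox)) {
			$order_ids[] = $mycheckbox;
		}
	}

	if (count($order_ids) > 0) {
		// Submit the order: one positional placeholder per selected row,
		// restricted to this customer's rows that are still in the cart.
		$placeholders = implode(',', array_fill(0, count($order_ids), '?'));
		$sql6 = 'UPDATE `order` SET `order_type` = 1 WHERE `customer_id` = ? AND `order_type` = 0 AND `order_id` IN ('.$placeholders.')';
		$stmt6 = $conn -> prepare($sql6);
		$stmt6 -> execute(array_merge(array($customer_id), $order_ids));
		echo '<script>alert(\'购买成功!\');</script>';
	}
}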
// Load the cart: every row of the logged-in customer that has not been
// submitted yet (order_type 0). $vo2 is consumed by the table further down.
$customer_id = $_SESSION['customer_id'];
$stmt2 = $conn -> prepare('SELECT * FROM `order` WHERE `customer_id` = :customer_id AND `order_type` = 0 ');
$stmt2 -> execute(array(':customer_id' => $customer_id));
$vo2 = $stmt2 -> fetchAll();

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>购物车</title>
</head>

<body>
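<?php
// customer_name is presumably chosen by the user at registration (verify
// against the login code); escape it for the HTML context before printing.
echo htmlspecialchars((string) $_SESSION['customer_name'], ENT_QUOTES, 'UTF-8');
?>的购物车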
<table width="784" border="1" align="center">
  <tr>
    <th>&nbsp;</th>
    <th>商品名称</th>
    <th>商品价格</th>
    <th>数量</th>
    <th>操作</th>
  </tr>
  <form name="buyform" method="post" action="">
  <input name="act" value="buy" type="hidden" />
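<?php 
// Render one table row per cart entry in $vo2.
// The product-name lookup is prepared once and re-executed per row instead
// of being prepared again on every iteration.
$sql5 = 'SELECT `product_name` FROM `product` WHERE `product_id` = :product_id ';
$stmt5 = $conn -> prepare($sql5);
foreach($vo2 as $value2){
	$stmt5 -> execute(array(':product_id' => $value2['product_id']));
	// false when the product row no longer exists; printed as an empty cell.
	$vo5 = $stmt5 -> fetchColumn();
	$stmt5 -> closeCursor();
	// order_id is used in an attribute and in a URL; forcing it to an integer
	// keeps both contexts safe whatever the column holds.
	$row_order_id = (int) $value2['order_id'];
?>
  <tr>
    <td align="center"><input type="checkbox" name="order_id[]" value="<?php echo $row_order_id; ?>" /></td>
    <td align="center"><?php /* database text is escaped for the HTML context */ echo htmlspecialchars((string) $vo5, ENT_QUOTES, 'UTF-8'); ?></td>
    <td align="center"><?php echo htmlspecialchars((string) $value2['order_price'], ENT_QUOTES, 'UTF-8');?></td>
    <td align="center">1</td>
    <td align="center"><a href="cart.php?act=del&amp;id=<?php echo $row_order_id;?>">[删除]</a></td>
  </tr>
<?php 
}
?>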

<tr>
    <td colspan="5" align="center"><input name="submit" type="submit" value="购买所选" /></td>
  </tr>
  </form>
</table>
</body>
</html>
